How to turn off screen blanking
Hello, My computers are primarily servers (Debian/woody) which display diagnostic information. How do I turn off the automatic screen blanking features? Thanks, Doug
Re: What happens when Woody becomes Stable ??
Of course, the smoothest way to upgrade is to use dselect. Brian, Why this assertion? I thought dselect was on its way out... Cheers, Doug
Brooktrout users on Debian
Hello all, I was wondering if anyone else here uses Brooktrout (telephony) hardware on Debian or other versions of Linux. I'm having the oddest problems with mine (Woody SMP 2.2.19 on Asus CUR-DLS server MB) and was hoping I could discuss with you. Thanks, Doug
Re: DNS problems
All connections to my machine are delayed. "telnet localhost" takes 20 secs to connect and another 20 secs to display the login. "telnet 127.0.0.1" connects immidiately, but also needs 20 secs to display a login. Sounds to me the reverse mapping is not set up. Which doesn't make sense because it's in your hosts file. Doug
P3 patch for woody
Hello all, I am interested in using the kernel-patch-2.2.19-p3 with my SMP P3 boxes. However, I would like to get some opinions on it's stability and reliability. I ask this especially in light of the patch's duplication of stuff which is already in the 2.2.19 kernel. When applied, the CPU selection menu has several duplicate entries, and to me this sort of thing sets of red flags (if it can't patch the configure script correctly, what is it doing to my low level code???). Finally, I'd like to ask if anyone has noticed any tangible benefit from this patch. Thanks, Doug
BIND9 on Debian
Hello, I'm using BIND9 on Debian Woody with Kernel 2.2.19 with several patches (primarily freeswan). I'm finding that it doesn't work reliably in the following circumstances: 1) It doesn't seem to do a proper reload of zone files with "rndc reload" 2) After several rndc commands, the server can't be shut down (even with /etc/init.d/bind9 stop); it must be killall -9'd. 3) It doesn't send out NOTIFY messages with an "rndc reload" - but it does seem to when it starts up The reason I'm using BIND9 is to take advantage of the "views" feature to allow my internal names visible behind my firewall, and the external ones (a subset of the internal ones) visible outside the firewall. I would appreciate any suggestions. Thanks, Doug
Re: BIND9 on Debian
Hello, I'm sorry; it's the 9.1.3 packaged up in Debian/Woody distribution. I've noticed the bug list (as suggested by Sean) mentions problems with threading and/or multiprocessors, but Vector's response (below) indicates it runs stable for him, although I am running woody kernel-source-2.2.19 on SMP boxes. Perhaps I will try another kernel without FreeS/WAN, but that would not be a very tenable position in the short term for me, and the other patches I can't imagine affecting it (they are the 2.2.20pre-10 3ware driver, the latest Adaptec 7xxx driver, and the latest eepro100 driver). Thanks for any additional thoughts, Doug At 11:24 AM 9/21/2001, Vector wrote: Which version of bind9? Is it the beta? I'm running bind 9.1.3 on potato and I haven't had any problems yet. It seems to be serving all the domains I have on it (about 100) and it reloads for me every time with notifications. vec - Original Message - From: "Doug Fields" <[EMAIL PROTECTED]> To: Sent: Friday, September 21, 2001 9:21 AM Subject: BIND9 on Debian > Hello, > > I'm using BIND9 on Debian Woody with Kernel 2.2.19 with several patches > (primarily freeswan). > > I'm finding that it doesn't work reliably in the following circumstances: > > 1) It doesn't seem to do a proper reload of zone files with "rndc reload" > 2) After several rndc commands, the server can't be shut down (even with > /etc/init.d/bind9 stop); it must be killall -9'd. > 3) It doesn't send out NOTIFY messages with an "rndc reload" - but it does > seem to when it starts up > > The reason I'm using BIND9 is to take advantage of the "views" feature to > allow my internal names visible behind my firewall, and the external ones > (a subset of the internal ones) visible outside the firewall. > > I would appreciate any suggestions. > > Thanks, > > Doug > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SSL packages (LDAP PAM NSS) +
What I am wondering about is: a) Does anyone maintain ssl versions of nss-, pam- ldap and openldap 2.0.1x? Hello, Over the last two days I just completed converting my development environment to a fully LDAP NSS/PAM environment in preparation of converting the entire data center. I used the slapd, libpam-ldap, and libnss-ldap (plus dependencies) packages from Woody to do so. I also used the PADL migration tools (maybe someone should package these and put them as recommended for the two libXXX-ldap packages). None of this supports SSL. However, you can get around this two ways, neither of which I have yet done: 1) Get the source packages and recompile all of them with SSL support enabled 2) Use stunnel (or SSH or whatever) to set up SSL tunneling I don't intend to do either for now. If you find an easier way (a prepackaged .deb way, preferably) please let me know. I did investigate doing #1, but the sheer number of options to openldap combined with my minimal knowledge of changing Debian package configuration prior to the simple build, stopped me until I had more time on my hands. On the other hand, I would be very interested to know if you or anyone has a PAM/NSS/LDAP installation on Debian using slave LDAP servers as hot backups. I haven't seen any documented way of doing this anywhere, such as providing a list of servers which can be attempted. For PAM, however, I suppose it's relatively simple to do something like: authsufficient pam_ldap.so authsufficient pam_ldap.so config=/etc/pam_ldap-slave.conf try_first_pass authrequiredpam_unix.so nullok try_first_pass (Although I haven't tried it yet) On the other hand, I do not yet see a way to do this with NSS. I would welcome pointers. I would like to advise you to ensure at least a+r permissions on /etc/nsswitch.conf. If you do not, then simple things like getent networks will not work for non-root users. The installation recommends mode 0600 which I found does NOT work because non-root users running programs using the glibc nss will not be able to get the answers from the now-depopulated /etc files. Cheers, Doug
Re: time sync probs
> I then restart the ntp daemon and noticed my date never changed. > However, earlier, I used ntpdate to sync with that time server > and it worked. (I make sure both aren't running at the same time) Have you tried running ntp recently? Often the time difference is too great for ntp to sync initially. After you run ntpdate and sync up with the time server then ntp can do it's work. Definitely do this, yes. But also realize that NTP does not do a sudden date change. It merely slows down or speeds up the system clock a tiny fraction for long enough to "drift" your clock into synchronization. NTPDate, however, does the brute force slam dunk "it says it's 12:34, so your clock is now 12:34" type of setting. Cheers, Doug
OT - Finding old PCI Ethernet cards
Slightly off topic... I am still running an old 1.2.13 kernel system, and I have found it increasingly difficult to buy a system with enough ISA slots for my old hardware. So, I want to put a PCI ethernet card in instead of an old ISA NE2000. (I obviously can't upgrade the software else I would have by now.) I found two possibly PCI ethernet drivers in the kernel source: for the "AMD Lance" and the DEC "Tulip". However, I don't seem to be able to find any cards which run with this. Does anyone know of any PCI cards which I can buy today which will run on a 1.2.13 kernel? Thanks, Doug
BRU and Debian? (Arkeia, other solutions)
Hello all, I was going to purchase Arkeia to run my backups for my mostly Debian network, using my FastStor 22 DLT library. However, my opinion of them changed when they wanted $2,800 to enable the "library" module of the software which otherwise costs only $600. Talk about a rip-off, when "mtx" is free. So, I was considering BRU, which I've used for many years, several years ago. However, their web site says explicitly it is not compatible with Debian as a server platform (not a client). Has anyone actually used BRU as a server or tried to, on a Debian (I'm using woody) server? If not, does anyone else have any other suggestions for backup software which can fully automated back up my network (total cap 120 gigs) to my FastStor 22 DLT tape library daily? Thanks, Doug
Re: ntpd
I'm trying to run ntpd here to both set the clock and then keep it synchronized with our ntp server. My problem is that ntpd seems to be trying to slew the clock instead of setting it. Here is an example: There is no problem; your description of what happens is correct. NTP does not set the date, it merely speeds up or slows down the clock to get it in sync, and then keeps it there. You use ntpdate (as you demonstrated) to "force" the clock to be instantly set. Doug
dselect and delete archived .debs - no
Hi all, I _never_ want to delete the downloaded .deb files. However, I haven't figured out a way to get dselect to stop asking. And, every now and then, I hit one too many returns and it defaults to "delete." So, I often end up downloading the same package(s) several times, wasting my bandwidth and time, and wasting our Debian servers' as well. I maintain seven machines, so I prefer not to download it too many times. Does anyone know how I can make it so that the archived .deb files are never deleted, and never prompted for deletion? The dselect and dpkg man pages were no help. Thanks, Doug
Too many slapd processes
Hello, Woody had the 2.0.14 version of slapd (OpenLDAP) upgraded a while ago, instead of the official "stable" 2.0.11 version and also not the 2.0.15 most recent version. Since then, with my LDAP PAM/NSS configured woody box, I get a proliferation of slapd processes - over 20, as reported by ps. I don't know if these are threads or forked processes (how do you tell, anyway). Furthermore, netstat -a reports a ton of ESTABLISHED and CLOSE_WAIT connections from localhost to localhost:ldap (and a few vice versa). The CLOSE_WAIT ones actually persist across /etc/init.d/slapd restart, while the processes do go down in number to just a few. lsof -a seems to indicate that these CLOSE_WAIT processes are also from slapd, but really, they're from all sorts of processes - presumably every process which uses NSS or PAM will have one of these CLOSE_WAITs lying around. So: 1) How do I keep the number of slapd processes (or threads) in check - that is, down to just two or three? 2) How do I get the CLOSE_WAIT sockets to actually fully close and disappear? Thanks, Doug
Re: dselect and delete archived .debs - no
man apt.conf In short: Put the line 'DSelect::Clean "never";' in /etc/apt/apt.conf. Thanks! Just FYI, on my woody system, I put it into /etc/apt/apt.conf.d/70debconf and that did the trick. That file was created by the debconf package, but adding the line you suggest works. As usual, I was unable to find anything about apt.conf.d in the apt.conf man page, but it's obvious that it was turned into a directory for ease of maintenance via the whole apt method (just like all the other .d directories). Cheers, Doug Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: DNS/Domain questions
In short: 1) Buy DNS & BIND, 4th edition, and read it cover to cover 2) Use BIND9 instead of BIND, as that provides "views." Views allow you to present one set of DNS entries to "the rest of the world" and another set internally Cheers, Doug At 11:44 AM 9/28/2001, Matthew Daubenspeck wrote: I just recently purchased a domain name and am wondering on a few things. Which package would be best to create my own name server? A lot of places have it, but for an extra fee. Why pay when I have Debian is my slogan . I have done some researching on BIND and have looked through a lot of it's docs and FAQs, but none to which really seemed to pertain to my individual situation/question. Excuse my choppy explanation, but I'll give it a whirl.. If I have myname.com and I register my IP as the DNS, what do I need to use to let the debian box resolve subdomains (server1.myname.com, server2.myname.com, etc etc) to the outside world. The second would also deal with firewall issuing. Since my main FTP/MAIL/WEB debian box is behind a SOHO firewall, is there anyway way to allow the DNS to resolve to internal IP's as well? For instance, a completely different box with a different internal IP running a completely different FTP/MAIL/WEB server? Sorry if it sounds like babble, but that is about the best way I can explain it. Thanks in advance. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Which POP3 server to use?
Hello all, I've been trying to decide which POP3 server to use. My requirements include: 1) Ability to use PAM for authentication, or have a simple way of extending the authentication to use a highly customized authentication scheme (for which I will write a PAM module) 2) Ability to have a special directory specified where the UNIX mailbox-format files reside 3) Uses standard UNIX mailbox-format files I've looked at Courier - but that is a whole enormous system (can I use just the POP daemon?). Also, solid POP3, but that is only 0.15, which doesn't necessarily "sound" good. ipop seems not to support PAM. What about Cyrus POP3? That seems like an overkill IMAP solution without 2 and 3 support above. In the past I have used the qpopper modified for 1 and 2 above. However, I would like to use a more feature filled version (e.g., qpopper does not have UIDL support). Your thoughts would be greatly appreciated. Thanks, Doug
Re: Which POP3 server to use? - clarification
Here is the big problem I'm facing: The various POP daemons (qpopper, solid-pop3d, etc.) all use the getpwnam function to get information about the user. My user "accounts" do not exist in the NSS/getpwnam environment. They only exist in a list of usernames/passwords and a list of files in a directory. Hence, I need a POP daemon which ONLY uses PAM, and can have the mail storage directory specified. qpopper explicitly says it needs pwnam entries in its FAQs. solid-pop3d needs it as well although I had to browse the source code to determine this dependency. Any other ideas? Many thanks, Doug At 01:17 AM 10/7/2001, CaT wrote: On Sun, Oct 07, 2001 at 01:04:00AM -0400, Doug Fields wrote: > Hello all, > > I've been trying to decide which POP3 server to use. > > My requirements include: > > 1) Ability to use PAM for authentication, or have a simple way of extending > the authentication to use a highly customized authentication scheme (for > which I will write a PAM module) > 2) Ability to have a special directory specified where the UNIX > mailbox-format files reside > 3) Uses standard UNIX mailbox-format files qpopper is your friend I believe. I use it with SSL to have a nice encrypted pop experience and it hasn't given me grief aswell. major downside to it: the docs are pdf but if you can get around that then you're sweet. it's very configurable and has not given me grief after about 7-8 months of use. be sure to get the latest version though (which I believe is 4.0.3). > In the past I have used the qpopper modified for 1 and 2 above. However, I > would like to use a more feature filled version (e.g., qpopper does not > have UIDL support). You mean this stuff? X-UIDL: p0P!!&X&"!p^(#!B,n"!
Re: Raid Card
I use 3ware RAID cards very nicely on my Debian boxes. Unfortunately, they just announced they would no longer be selling them. My vendor says there is enough stock in the channel or about six months. Damn shame; good product. Doug At 01:40 PM 10/8/2001, Jeff McIntosh wrote: Debian-User, I have a PowerEdge 2550 running Debian 2.2rev3 (kernel 2.2.19). Is there a raid card that has drivers native to Debian. I would like a card that is a Perc 3/DC. Any help with finding a manufacture for this type of card would be great. Thank you very much Jeff McIntosh Jeffrey McIntosh IT Specialist Tibotec-Virco 1330 Piccard Drive Rockville MD 20850 301.519.1919 x201 (Office) 240.632.9829 (Fax) http://www.Tibotec-Virco.com THIS EMAIL AND ANY ATTACHED FILES ARE CONFIDENTIAL AND MAY BE LEGALLY PRIVILEGED. If you are not the addressee, any disclosure, reproduction, copying, distribution, or other dissemination or use of this communication is strictly prohibited. If you have received this transmission in error please notify the sender immediately and then delete this email. Email transmission cannot be guaranteed to be secure or error free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of email transmission. If verification is required please request a hard copy version. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
